« previous next »
Pages: [1]   Go Down

Author Topic: question?  (Read 4679 times)

0 Members and 1 Guest are viewing this topic.

coaster3000

  • Guest
question?
« on: April 21, 2010, 10:46:40 PM »
How do i upload a thing for avast to add to database?

I have a for sure virus.

Its a trojan that does not allow keyboard to be used at all. It sets a file to make it auto start once it is at least ran once.
It puts a command in the autoexec.bat (hidden file on XP not sure about other computers) to auto start.

Where do i upload for avast to put it in database?

its keyboard killer trojan i would call it.
« Last Edit: April 21, 2010, 10:49:12 PM by coaster3000 »
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37530
  • Not a avast user
Re: question?
« Reply #1 on: April 21, 2010, 10:51:02 PM »
upload to virus@avast.com

also upload file to VirusTotal www.virustotal.com when you have the result, copy the URL in the address bar and post it here
Logged

coaster3000

  • Guest
Re: question?
« Reply #2 on: April 21, 2010, 10:52:03 PM »
Quote from: Pondus on April 21, 2010, 10:51:02 PM
upload to virus@avast.com

also upload file to VirusTotal www.virustotal.com when you have the result, copy the URL in the address bar and post it here

its a new virus i checked with virus total but i ran it on another computer. it turns out it is a virus. brand new

Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37530
  • Not a avast user
Re: question?
« Reply #3 on: April 21, 2010, 11:06:12 PM »
Can you post the virusTotal result !
Logged

coaster3000

  • Guest
Re: question?
« Reply #4 on: April 21, 2010, 11:21:26 PM »
https://www.virustotal.com/analisis/0dc2fbdacf523d5ccff294da0843c3de778288edeed49d93baa00ef033cbc510-1271883417

pondus i emailed you a few things. and questions

i rename virus names to make sure i dont run them..
Logged

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37530
  • Not a avast user
Re: question?
« Reply #5 on: April 22, 2010, 12:23:36 AM »
Malware sample sendt to avast


Anubis
http://anubis.iseclab.org/?action=result&task_id=14d083fdb68467a34cd241afc2af26f4c&format=html




Norman SandBox Reporter

virus.exe : Not detected by Sandbox (Signature: NO_VIRUS)


 [ DetectionInfo ]
    * Filename: C:\analyzer\scan\virus.exe.
    * Sandbox name: NO_MALWARE
    * Signature name: NO_VIRUS.
    * Compressed: NO.
    * TLS hooks: NO.
    * Executable type: Application.
    * Executable file structure: OK.
    * Filetype: PE_I386.

 [ General information ]
    * Applications uses MSVBVM60.DLL (Visual Basic 6).
    * Form uses id Form.
    * File length:      1941504 bytes.
    * MD5 hash: d42ead1b619dd774d61b44a179e9de7b.
    * SHA1 hash: e2d85959a7b525b2702967561a05a2ad7c37960b.
    * Entry-point detection: Microsoft Visual Basic 5.0/6.0.

 [ Process/window information ]
    * Creates a COM object with CLSID {FCFB3D23-A0FA-1068-A738-08002B3371B5} : VBRuntime.
    * Creates a COM object with CLSID {E93AD7C1-C347-11D1-A3E2-00A0C90AEA82} : VBRuntime6.

« Last Edit: April 22, 2010, 12:37:58 AM by Pondus »
Logged
Pages: [1]   Go Up
« previous next »